diff options
author | allanjude <allanjude@FreeBSD.org> | 2016-05-28 16:06:07 +0000 |
---|---|---|
committer | allanjude <allanjude@FreeBSD.org> | 2016-05-28 16:06:07 +0000 |
commit | 4581e38971cdd62b178bbed2066ac8c3b0ec5499 (patch) | |
tree | fb7b8495c2429cb7c5e5287882efd1fd12bb6120 /sbin/md5/md5.1 | |
parent | 15f895037c82da771c558cbbda75c3ae7f309e15 (diff) | |
download | FreeBSD-src-4581e38971cdd62b178bbed2066ac8c3b0ec5499.zip FreeBSD-src-4581e38971cdd62b178bbed2066ac8c3b0ec5499.tar.gz |
Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.
The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.
This is the follow on to r292782
Reviewed by: cem
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D6061
Diffstat (limited to 'sbin/md5/md5.1')
-rw-r--r-- | sbin/md5/md5.1 | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1 index 94cdf84..6fa0393 100644 --- a/sbin/md5/md5.1 +++ b/sbin/md5/md5.1 @@ -1,9 +1,9 @@ .\" $FreeBSD$ -.Dd October 17, 2015 +.Dd April 22, 2016 .Dt MD5 1 .Os .Sh NAME -.Nm md5 , sha1 , sha256 , sha384 , sha512, rmd160 +.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160 .Nd calculate a message-digest fingerprint (checksum) for a file .Sh SYNOPSIS .Nm md5 @@ -31,6 +31,11 @@ .Op Fl c Ar string .Op Fl s Ar string .Op Ar +.Nm sha512t256 +.Op Fl pqrtx +.Op Fl c Ar string +.Op Fl s Ar string +.Op Ar .Nm rmd160 .Op Fl pqrtx .Op Fl c Ar string @@ -38,7 +43,7 @@ .Op Ar .Sh DESCRIPTION The -.Nm md5 , sha1 , sha256 , sha384 , sha512 +.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256 and .Nm rmd160 utilities take as input a message of arbitrary length and produce as @@ -78,8 +83,17 @@ found which is faster than a brute-force search, placing the security of .Tn SHA-1 in doubt. .Pp -It is recommended that all new applications use +.Tn SHA-512t256 +is a version of +.Tn SHA-512 +truncated to only 256 bits. +On 64-bit hardware, this algorithm is approximately 50% faster than .Tn SHA-256 +but with the same level of security. +The hashes are not interchangeable. +.Pp +It is recommended that all new applications use +.Tn SHA-512 instead of one of the other hash functions. .Pp The following options may be used in any combination and must @@ -114,7 +128,7 @@ Run a built-in test script. .El .Sh EXIT STATUS The -.Nm md5 , sha1 , sha256 , sha512 +.Nm md5 , sha1 , sha256 , sha512, sha512t256 and .Nm rmd160 utilities exit 0 on success, |